From 1e257e764d94cd10252595d678d69de264030dee Mon Sep 17 00:00:00 2001 From: JasonPowr Date: Wed, 10 Jul 2024 14:14:05 +0100 Subject: [PATCH] fix-sbj-upgrade-issue --- .../controller/common/utils/kubernetes/job.go | 27 ++++++++++-- .../securesign/actions/segment_backup_job.go | 41 +++++++++++++++++-- 2 files changed, 62 insertions(+), 6 deletions(-) diff --git a/internal/controller/common/utils/kubernetes/job.go b/internal/controller/common/utils/kubernetes/job.go index ea3dd5f1e..c36a35b36 100644 --- a/internal/controller/common/utils/kubernetes/job.go +++ b/internal/controller/common/utils/kubernetes/job.go @@ -1,17 +1,26 @@ package kubernetes import ( + "context" + "fmt" + batchv1 "k8s.io/api/batch/v1" corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +const ( + jobNameTemplate = "%s-" ) func CreateJob(namespace string, name string, labels map[string]string, image string, serviceAccountName string, parallelism int32, completions int32, activeDeadlineSeconds int64, backoffLimit int32, command []string, env []corev1.EnvVar) *batchv1.Job { return &batchv1.Job{ ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: namespace, - Labels: labels, + GenerateName: fmt.Sprintf(jobNameTemplate, name), + Namespace: namespace, + Labels: labels, }, Spec: batchv1.JobSpec{ Parallelism: ¶llelism, @@ -35,3 +44,15 @@ func CreateJob(namespace string, name string, labels map[string]string, image st }, } } + +func GetJob(ctx context.Context, c client.Client, namespace, jobName string) (*batchv1.Job, error) { + job := &batchv1.Job{} + err := c.Get(ctx, client.ObjectKey{Namespace: namespace, Name: jobName}, job) + if err == nil { + return job, nil + } else if errors.IsNotFound(err) { + return nil, nil + } else { + return nil, err + } +} diff --git a/internal/controller/securesign/actions/segment_backup_job.go b/internal/controller/securesign/actions/segment_backup_job.go index 6e49629da..97f1a3511 100644 --- a/internal/controller/securesign/actions/segment_backup_job.go +++ b/internal/controller/securesign/actions/segment_backup_job.go @@ -12,11 +12,15 @@ import ( "github.com/securesign/operator/internal/controller/common/utils/kubernetes" "github.com/securesign/operator/internal/controller/constants" corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" ctrl "sigs.k8s.io/controller-runtime" rhtasv1alpha1 "github.com/securesign/operator/api/v1alpha1" "github.com/operator-framework/operator-lib/proxy" + ctrllog "sigs.k8s.io/controller-runtime/pkg/log" ) func NewSegmentBackupJobAction() action.Action[*rhtasv1alpha1.Securesign] { @@ -30,7 +34,12 @@ type segmentBackupJob struct { func (i segmentBackupJob) Name() string { return "segment-backup-installation" } + func (i segmentBackupJob) CanHandle(_ context.Context, instance *rhtasv1alpha1.Securesign) bool { + if c := meta.FindStatusCondition(instance.Status.Conditions, SegmentBackupJobName); c != nil { + return c.Reason != constants.Ready + } + val, found := instance.Annotations[annotations.Metrics] if !found { return true @@ -42,13 +51,20 @@ func (i segmentBackupJob) CanHandle(_ context.Context, instance *rhtasv1alpha1.S } func (i segmentBackupJob) Handle(ctx context.Context, instance *rhtasv1alpha1.Securesign) *action.Result { - var ( err error ) - labels := constants.LabelsFor(SegmentBackupJobName, SegmentBackupJobName, instance.Name) + if c := meta.FindStatusCondition(instance.Status.Conditions, SegmentBackupJobName); c == nil { + instance.SetCondition(v1.Condition{ + Type: SegmentBackupJobName, + Status: v1.ConditionFalse, + Reason: constants.Creating, + Message: "Creating Segment Backup Job", + }) + } + labels := constants.LabelsFor(SegmentBackupJobName, SegmentBackupJobName, instance.Name) parallelism := int32(1) completions := int32(1) activeDeadlineSeconds := int64(600) @@ -68,13 +84,32 @@ func (i segmentBackupJob) Handle(ctx context.Context, instance *rhtasv1alpha1.Se // Adding proxy variables to operand env = append(env, proxy.ReadProxyVarsFromEnv()...) + // Logic to delete old SBJ to avoid SECURESIGN-1207, can be removed after next release + log := ctrllog.FromContext(ctx) + if sbj, err := kubernetes.GetJob(ctx, i.Client, instance.Namespace, SegmentBackupJobName); sbj != nil { + if err := i.Client.Delete(ctx, sbj); err != nil { + log.Error(err, "problem with removing SBJ resources in %s", instance.Namespace) + } + } else if err != nil { + log.Error(err, "unable to retrieve SBJ resource in %s", instance.Namespace) + } + job := kubernetes.CreateJob(instance.Namespace, SegmentBackupJobName, labels, constants.SegmentBackupImage, SegmentRBACName, parallelism, completions, activeDeadlineSeconds, backoffLimit, command, env) if err = ctrl.SetControllerReference(instance, job, i.Client.Scheme()); err != nil { - return i.Failed(fmt.Errorf("could not set controll reference for Job: %w", err)) + return i.Failed(fmt.Errorf("could not set controller reference for Job: %w", err)) } + _, err = i.Ensure(ctx, job) if err != nil { return i.Failed(fmt.Errorf("failed to Ensure the job: %w", err)) } + + meta.SetStatusCondition(&instance.Status.Conditions, metav1.Condition{ + Type: SegmentBackupJobName, + Status: metav1.ConditionTrue, + Reason: constants.Ready, + Message: "Segment Backup Job Created", + }) + return i.Continue() }